Contact | Site en Français               

 


 

Vulnerabilities & Threats
 
  VUPEN Security Advisories
  Linux Security Advisories

  Malware Advisories
  Security Research
  Threat Watch Blog
  Zero-Day Monitor
  Search Engine
  Mailing List & RSS
 
   

>> Fedora Security Update Fixes Tk GIF Image Buffer Overflow Vulnerability

Title : Fedora Security Update Fixes Tk GIF Image Buffer Overflow Vulnerability
VUPEN ID : VUPEN/ADV-2007-3557
CVE ID : CVE-2007-5378
Rated as : Moderate Risk 
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-10-22

Technical Description    Receive VUPEN Security alerts in a Text format  Receive VUPEN Security alerts in a PDF format  Receive VUPEN Security alerts in an XML format 

A vulnerability has been identified in Fedora, which could be exploited by attackers to cause a denial of service or execute arbitrary code. This issue is caused by an error in Tk. For additional information, see : VUPEN/ADV-2007-3412

Affected Products

Fedora 7

Solution

Upgrade the affected packages :

2f9dbe2132bf4fc78f8421e5ef6b9066d908c961 tk-8.4.13-6.fc7.ppc64.rpm
dfd62ad97a40e452f90f1d303332decbd274524d tk-debuginfo-8.4.13-6.fc7.ppc64.rpm
caf8b249afc9309cde1cc24b4946652045487912 tk-devel-8.4.13-6.fc7.ppc64.rpm
283a46b8af5b941e56f190b2f480d5447c86e84b tk-8.4.13-6.fc7.i386.rpm
55c6896d1c31cd6c6e053275e6ebe218e02b17fa tk-debuginfo-8.4.13-6.fc7.i386.rpm
9ae4f4e6258199851a8ad0b57feb448952f48956 tk-devel-8.4.13-6.fc7.i386.rpm
37d7a2427add562debe4db70c17c26d9d25556c7 tk-debuginfo-8.4.13-6.fc7.x86_64.rpm
15470e5810da218ab82bcc5b4cf609609b5c2d07 tk-8.4.13-6.fc7.x86_64.rpm
b119aeb80fbdc14e5bcedbcfbc7a265da6a3ac96 tk-devel-8.4.13-6.fc7.x86_64.rpm
d15bf067c74b67c516a8d3d482f00ba767de1a04 tk-8.4.13-6.fc7.ppc.rpm
e117e10b20001966a93fd96eba81a6541d7cd701 tk-debuginfo-8.4.13-6.fc7.ppc.rpm
2855c76d43b4dcbc5e84bfcef6632ba16fb584cd tk-devel-8.4.13-6.fc7.ppc.rpm
7781a6f38cca6f9c65027d00e85fd92cb4ad0935 tk-8.4.13-6.fc7.src.rpm

References

http://www.vupen.com/english/advisories/2007/3557
https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00261.html

ChangeLog

2007-10-22 : Initial release

Vulnerability Management

Subscribe to VUPEN VNS and receive real-time alerts when new advisories or patches relevant to your systems and network configurations are available.

Feedback

If you have additional information or corrections for this security advisory please submit them via our contact form.
 

Vulnerability Alerting

Free 14-Day Trial
 
  Latest News

 

  >> 2009-07-06

     

  Microsoft Windows 0-Day
  Flaw Exploited in the Wild


  >> 2009-06-10

     

  VUPEN Security Research
  Discovered Critical Flaws
  in Adobe Acrobat and MS
  Office Word


  >> 2009-06-02

     

  VUPEN Security Research
  Discovered Critical Flaws
  in ACDSee Products


  >> 2009-05-22

     

  VUPEN Discovered Two
  Critical Vulnerabilities in
  Novell GroupWise 8 / 7

 

 

More Informations    
    








Copyright 2003-2009 © VUPEN.COM - Privacy Policy